IN PROGRESS - issue FWK-119: Testes da extensão Servlet

https://demoiselle.atlassian.net/browse/FWK-119

IN PROGRESS - issue FWK-119: Testes da extensão Servlet
https://demoiselle.atlassian.net/browse/FWK-119
Cleverson Sacramento
1 parent fdc5ca4f
Showing 3 changed files with 78 additions and 11 deletions Show diff stats
impl/extension/servlet/src/test/java/security/authentication/form/HelperServlet.java
impl/extension/servlet/src/test/java/security/authentication/form/ServletAuthenticatorTest.java
impl/extension/servlet/src/test/resources/security/authentication/form/web.xml
 package security.authentication.form;
  
+import static org.apache.http.HttpStatus.SC_EXPECTATION_FAILED;
 import static org.apache.http.HttpStatus.SC_FORBIDDEN;
+import static org.apache.http.HttpStatus.SC_NOT_FOUND;
 import static org.apache.http.HttpStatus.SC_OK;
  
 import java.io.IOException;
+import java.security.InvalidParameterException;
+import java.util.regex.Matcher;
+import java.util.regex.Pattern;
  
 import javax.servlet.ServletException;
 import javax.servlet.http.HttpServlet;
 import javax.servlet.http.HttpServletRequest;
 import javax.servlet.http.HttpServletResponse;
  
-import br.gov.frameworkdemoiselle.security.AuthenticationException;
 import br.gov.frameworkdemoiselle.security.Credentials;
+import br.gov.frameworkdemoiselle.security.InvalidCredentialsException;
 import br.gov.frameworkdemoiselle.security.SecurityContext;
 import br.gov.frameworkdemoiselle.util.Beans;
  
@@ -21,19 +26,63 @@ public class HelperServlet extends HttpServlet {
  
 	@Override
 	protected void doGet(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
-		String result = request.getHeader("Authorization");
-		result = (result == null ? request.getHeader("authorization") : result);
+		String action = getAction(request);
  
+		if ("login".equals(action)) {
+			login(request, response);
+		} else if ("logout".equals(action)) {
+			logout(request, response);
+		} else {
+			response.setStatus(SC_NOT_FOUND);
+		}
+	}
+
+	private void login(HttpServletRequest request, HttpServletResponse response) {
+		loadCredentials(request);
+		SecurityContext securityContext = Beans.getReference(SecurityContext.class);
+
+		try {
+			securityContext.login();
+
+			if (securityContext.isLoggedIn()) {
+				response.setStatus(SC_OK);
+			} else {
+				response.setStatus(SC_FORBIDDEN);
+			}
+
+		} catch (InvalidCredentialsException e) {
+			response.setStatus(SC_FORBIDDEN);
+		}
+	}
+
+	private void logout(HttpServletRequest request, HttpServletResponse response) {
+		loadCredentials(request);
+		SecurityContext securityContext = Beans.getReference(SecurityContext.class);
+
+		securityContext.login();
+		securityContext.logout();
+
+		if (!securityContext.isLoggedIn()) {
+			response.setStatus(SC_OK);
+		} else {
+			response.setStatus(SC_EXPECTATION_FAILED);
+		}
+	}
+
+	private void loadCredentials(HttpServletRequest request) {
 		Credentials credentials = Beans.getReference(Credentials.class);
 		credentials.setUsername(request.getParameter("username"));
 		credentials.setPassword(request.getParameter("password"));
+	}
  
-		try {
-			Beans.getReference(SecurityContext.class).login();
-			response.setStatus(SC_OK);
+	private String getAction(HttpServletRequest request) {
+		Pattern pattern = Pattern.compile("^.+/(.+)$");
+		Matcher matcher = pattern.matcher(request.getRequestURI());
  
-		} catch (AuthenticationException e) {
-			response.setStatus(SC_FORBIDDEN);
+		if (matcher.matches()) {
+			return matcher.group(1).toLowerCase();
+		} else {
+			throw new InvalidParameterException("Está faltando o parâmetro de ação na URL");
 		}
 	}
 }
@@ -40,7 +40,7 @@ public class ServletAuthenticatorTest {
  
 	@Test
 	public void loginSucessfull() throws ClientProtocolException, IOException, URISyntaxException {
-		URIBuilder uriBuilder = new URIBuilder(deploymentUrl + "/helper");
+		URIBuilder uriBuilder = new URIBuilder(deploymentUrl + "/helper/login");
 		uriBuilder.setParameter("username", "demoiselle");
 		uriBuilder.setParameter("password", "changeit");
  
@@ -53,7 +53,7 @@ public class ServletAuthenticatorTest {
  
 	@Test
 	public void loginFailed() throws ClientProtocolException, IOException, URISyntaxException {
-		URIBuilder uriBuilder = new URIBuilder(deploymentUrl + "/helper");
+		URIBuilder uriBuilder = new URIBuilder(deploymentUrl + "/helper/login");
 		uriBuilder.setParameter("username", "invalid");
 		uriBuilder.setParameter("password", "invalid");
  
@@ -63,4 +63,22 @@ public class ServletAuthenticatorTest {
 		int status = response.getStatusLine().getStatusCode();
 		assertEquals(SC_FORBIDDEN, status);
 	}
+
+	@Test
+	public void logoutSucessfull() throws ClientProtocolException, IOException, URISyntaxException {
+		URIBuilder uriBuilder = new URIBuilder(deploymentUrl + "/helper/logout");
+		uriBuilder.setParameter("username", "demoiselle");
+		uriBuilder.setParameter("password", "changeit");
+
+		HttpGet httpGet = new HttpGet(uriBuilder.build());
+		HttpResponse httpResponse = HttpClientBuilder.create().build().execute(httpGet);
+
+		int status = httpResponse.getStatusLine().getStatusCode();
+		assertEquals(SC_OK, status);
+	}
+
+	@Test
+	public void logoutFailed() throws ClientProtocolException, IOException, URISyntaxException {
+		URIBuilder uriBuilder = new URIBuilder(deploymentUrl + "/helper/logout");
+	}
 }
@@ -56,6 +56,6 @@
 	</servlet>
 	<servlet-mapping>
 		<servlet-name>Helper Servlet</servlet-name>
-		<url-pattern>/helper</url-pattern>
+		<url-pattern>/helper/*</url-pattern>
 	</servlet-mapping>
 </web-app>
 \ No newline at end of file
1	1	package security.authentication.form;
2	2
	3	+import static org.apache.http.HttpStatus.SC_EXPECTATION_FAILED;
3	4	import static org.apache.http.HttpStatus.SC_FORBIDDEN;
	5	+import static org.apache.http.HttpStatus.SC_NOT_FOUND;
4	6	import static org.apache.http.HttpStatus.SC_OK;
5	7
6	8	import java.io.IOException;
	9	+import java.security.InvalidParameterException;
	10	+import java.util.regex.Matcher;
	11	+import java.util.regex.Pattern;
7	12
8	13	import javax.servlet.ServletException;
9	14	import javax.servlet.http.HttpServlet;
10	15	import javax.servlet.http.HttpServletRequest;
11	16	import javax.servlet.http.HttpServletResponse;
12	17
13		-import br.gov.frameworkdemoiselle.security.AuthenticationException;
14	18	import br.gov.frameworkdemoiselle.security.Credentials;
	19	+import br.gov.frameworkdemoiselle.security.InvalidCredentialsException;
15	20	import br.gov.frameworkdemoiselle.security.SecurityContext;
16	21	import br.gov.frameworkdemoiselle.util.Beans;
17	22
...	...	@@ -21,19 +26,63 @@ public class HelperServlet extends HttpServlet {
21	26
22	27	@Override
23	28	protected void doGet(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
24		- String result = request.getHeader("Authorization");
25		- result = (result == null ? request.getHeader("authorization") : result);
	29	+ String action = getAction(request);
26	30
	31	+ if ("login".equals(action)) {
	32	+ login(request, response);
	33	+ } else if ("logout".equals(action)) {
	34	+ logout(request, response);
	35	+ } else {
	36	+ response.setStatus(SC_NOT_FOUND);
	37	+ }
	38	+ }
	39	+
	40	+ private void login(HttpServletRequest request, HttpServletResponse response) {
	41	+ loadCredentials(request);
	42	+ SecurityContext securityContext = Beans.getReference(SecurityContext.class);
	43	+
	44	+ try {
	45	+ securityContext.login();
	46	+
	47	+ if (securityContext.isLoggedIn()) {
	48	+ response.setStatus(SC_OK);
	49	+ } else {
	50	+ response.setStatus(SC_FORBIDDEN);
	51	+ }
	52	+
	53	+ } catch (InvalidCredentialsException e) {
	54	+ response.setStatus(SC_FORBIDDEN);
	55	+ }
	56	+ }
	57	+
	58	+ private void logout(HttpServletRequest request, HttpServletResponse response) {
	59	+ loadCredentials(request);
	60	+ SecurityContext securityContext = Beans.getReference(SecurityContext.class);
	61	+
	62	+ securityContext.login();
	63	+ securityContext.logout();
	64	+
	65	+ if (!securityContext.isLoggedIn()) {
	66	+ response.setStatus(SC_OK);
	67	+ } else {
	68	+ response.setStatus(SC_EXPECTATION_FAILED);
	69	+ }
	70	+ }
	71	+
	72	+ private void loadCredentials(HttpServletRequest request) {
27	73	Credentials credentials = Beans.getReference(Credentials.class);
28	74	credentials.setUsername(request.getParameter("username"));
29	75	credentials.setPassword(request.getParameter("password"));
	76	+ }
30	77
31		- try {
32		- Beans.getReference(SecurityContext.class).login();
33		- response.setStatus(SC_OK);
	78	+ private String getAction(HttpServletRequest request) {
	79	+ Pattern pattern = Pattern.compile("^.+/(.+)$");
	80	+ Matcher matcher = pattern.matcher(request.getRequestURI());
34	81
35		- } catch (AuthenticationException e) {
36		- response.setStatus(SC_FORBIDDEN);
	82	+ if (matcher.matches()) {
	83	+ return matcher.group(1).toLowerCase();
	84	+ } else {
	85	+ throw new InvalidParameterException("Está faltando o parâmetro de ação na URL");
37	86	}
38	87	}
39	88	}
...	...
...	...	@@ -40,7 +40,7 @@ public class ServletAuthenticatorTest {
40	40
41	41	@Test
42	42	public void loginSucessfull() throws ClientProtocolException, IOException, URISyntaxException {
43		- URIBuilder uriBuilder = new URIBuilder(deploymentUrl + "/helper");
	43	+ URIBuilder uriBuilder = new URIBuilder(deploymentUrl + "/helper/login");
44	44	uriBuilder.setParameter("username", "demoiselle");
45	45	uriBuilder.setParameter("password", "changeit");
46	46
...	...	@@ -53,7 +53,7 @@ public class ServletAuthenticatorTest {
53	53
54	54	@Test
55	55	public void loginFailed() throws ClientProtocolException, IOException, URISyntaxException {
56		- URIBuilder uriBuilder = new URIBuilder(deploymentUrl + "/helper");
	56	+ URIBuilder uriBuilder = new URIBuilder(deploymentUrl + "/helper/login");
57	57	uriBuilder.setParameter("username", "invalid");
58	58	uriBuilder.setParameter("password", "invalid");
59	59
...	...	@@ -63,4 +63,22 @@ public class ServletAuthenticatorTest {
63	63	int status = response.getStatusLine().getStatusCode();
64	64	assertEquals(SC_FORBIDDEN, status);
65	65	}
	66	+
	67	+ @Test
	68	+ public void logoutSucessfull() throws ClientProtocolException, IOException, URISyntaxException {
	69	+ URIBuilder uriBuilder = new URIBuilder(deploymentUrl + "/helper/logout");
	70	+ uriBuilder.setParameter("username", "demoiselle");
	71	+ uriBuilder.setParameter("password", "changeit");
	72	+
	73	+ HttpGet httpGet = new HttpGet(uriBuilder.build());
	74	+ HttpResponse httpResponse = HttpClientBuilder.create().build().execute(httpGet);
	75	+
	76	+ int status = httpResponse.getStatusLine().getStatusCode();
	77	+ assertEquals(SC_OK, status);
	78	+ }
	79	+
	80	+ @Test
	81	+ public void logoutFailed() throws ClientProtocolException, IOException, URISyntaxException {
	82	+ URIBuilder uriBuilder = new URIBuilder(deploymentUrl + "/helper/logout");
	83	+ }
66	84	}
...	...
...	...	@@ -56,6 +56,6 @@
56	56	</servlet>
57	57	<servlet-mapping>
58	58	<servlet-name>Helper Servlet</servlet-name>
59		- <url-pattern>/helper</url-pattern>
	59	+ <url-pattern>/helper/*</url-pattern>
60	60	</servlet-mapping>
61	61	</web-app>
62	62	\ No newline at end of file
...	...